Privacy Policy

§ 1 General Provisions

This document defines the rules for storing and accessing information on User devices via Cookies, and the rules for processing and protecting personal data by the Administrator through the website https://xbit.com.pl (hereinafter: 'Website'). The Administrator of personal data is XBIT GROUP Sp. z o.o. with its registered office in Gdańsk, ul. Na Stoku 53/55/4, 80-874 Gdańsk, NIP: 5833536365, REGON: 541570804. The Administrator processes personal data in accordance with Polish law and Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR).

§ 2 Definitions

• —Administrator – XBIT GROUP Sp. z o.o. with registered office in Gdańsk.
• —Cookies – small text files stored on the User's device.
• —Device – electronic device used by the User to access the Website.
• —Personal data – information enabling identification of a natural person.
• —User – any natural person using the Website.
• —Processing – any operation performed on personal data.
• —Processor – entity processing personal data on behalf of the Administrator.

§ 3 Scope and Purpose of Processing

Personal data is processed for the purposes of: concluding contracts, ensuring the Website's operation, tailoring offers and advertisements, sending newsletters, publishing content. The scope of data may include: first name, last name, address, email, phone, national ID number, IP address, Cookies.

§ 4 Legal Bases for Processing

Data is processed on the basis of: User's consent, necessity of contract performance, legal obligation, and the Administrator's legitimate interests.

§ 5 Retention Period

Data will be retained until the legal basis for processing ceases or longer if required by law.

§ 6 Voluntary Data Provision

Providing data is voluntary but necessary to use the services offered by the Website.

§ 7 Cookies

The Website uses Cookies to improve functionality, analytics, and marketing. Cookies may be session-based (deleted after closing the browser) or persistent. Users can change Cookie settings in their browser. Restricting Cookies may affect the Website's functionality. Cookies may also be used by the Administrator's partners (e.g., analytics and advertising tools).

§ 8 Administrator's Obligations

The Administrator may share personal data with government authorities in cases defined by law. Data may be processed by cooperating entities under appropriate data processing agreements.

§ 9 Data Processor

The Processor acts in accordance with law and may process data only in accordance with the Administrator's instructions. Data may only be processed within the EU or EEA. The Processor ensures an appropriate level of security measures.

§ 10 User Rights

The User has the right to: withdraw consent, access their data, rectify it, erase it or restrict processing, object to processing, and data portability. To exercise these rights, contact: kontakt@xbit.com.pl

§ 11 Data Security

The Administrator applies technical and organisational measures in accordance with GDPR, including encryption, server security, backups, and security audits.

§ 12 Final Provisions

Matters not covered by this Policy are governed by the GDPR and Polish law.